Six of the nine patches Microsoft is pushing out today address flaws the software giant considers “critical,” meaning the vulnerabilities could be exploited by malware or miscreants to break into vulnerable computers remotely without any help from users. The critical updates tackle problems with Internet Explorer, Microsoft Edge, Office and Silverlight, among other components. Links to all of the updates are available here.

As noted by security firm Qualys, several versions of Internet Explorer will get their last security updates this month, including IE 11 on Windows 7 and 10; IE 8, 9 and 10; IE 10 on Server 2012; IE 9 on Vista Service Pack 2 and Server 2008; and IE7 and IE8. If you’re using one of these older versions of IE, consider switching — either to a newer, supported version of IE, or to something less tightly bound to the Windows operating system, such as Google Chrome.

It appears that Microsoft pulled one of the updates (MS16-009) at the last minute, probably due to issues in testing the fix to make sure it won’t interfere with other programs. In any case, if you use Microsoft’s products, take a moment this week to make sure that you’re up to date with these and other available security patches from Redmond.

Separately, Adobe has released critical updates for Adobe Acrobat and Reader. Adobe said it was not aware of any active attacks against the vulnerabilities fixed in this month’s release. Adobe also is phasing out older versions of Acrobat and Reader: As the company notes in this blog post, Adobe Acrobat X and Adobe Reader X are no longer supported.

Adobe Reader comes bundled with a number of third-party software products, but many Windows users may not realize there are alternatives, including some good free ones. For a time I used Foxit Reader, but that program seems to have grown more bloated with each release. My current preference is Sumatra PDF; it is lightweight (about 40 times smaller than Adobe Reader) and quite fast.

This entry was posted on Tuesday, January 12th, 2016 at 2:41 pm and is filed under Time to Patch.

32 comments

Unfortunately Foxit has no OCR capability. Users also need to exercise care during installation to avoid a variety of unwanted components and system changes, the make-up of which is changed regularly. The user manual must be downloaded separately.

As for Patch Tuesday, beware of the Silverlight update and the Windows 10 nagware kb2976978. Right-click and hide both of these.

I don’t really think you should hide the Silverlight update, if you have Silverlight installed. I know I use it mainly for System Center but this update patches a critical vulnerability so if you do have Silverlight already on your system, it makes sense to get the latest version, since this vulnerability is one of those Hacking Team 0-days that has been around for a while. If you know you don’t have Silverlight and don’t want it, then you can right click and hide it. It’s just that some users have it and don’t even realize it’s there, so telling them not to download this update is not smart unless the user knows what they are doing and they definitely don’t have Silverlight on their system. Thanks

However Sumatra can’t fill in PDF forms, so you need to be aware that it’s not a one-size-fits-all. If you want the ability to view PDFs only, Chrome can render them in browser. Just drag and drop PDFs into a Chrome window.

Windows 8 falls under the same lifecycle policy as Windows 8.1, and will reach end of Mainstream Support on January 9, 2018, and end of Extended Support on January 10, 2023. With the General Availability of Windows 8.1, customers on Windows 8 have 2 years, until January 12, 2016, to move to Windows 8.1 in order to remain supported.

I found the GWX control panel to be useful in blocking Windows 10. Even if you download one of the “critical” updates (e.g. KB3035583) that lays the framework for GWX nagware, you can at least stop it from nagging you. Given that Microsoft’s adopted the tactics of malware authors in the nagware, where you’re given the choice of installing “now” or “later” (the only way to avoid triggering the installer is to use little X – that with each iteration keeps getting smaller – to close the window).

The easiest way to deal with the Win10 ‘nagware’ right now is to enable the ‘Turn off the upgrade to the latest version of Windows…’ option in Group Policy, as MS released a couple of patches over the last 8 months to add that as a policy option (but to quietly bury it in the process). Although, this may not be available in every edition of Windows 7/8/8.1.

Just thought I would remind readers that there is no Group Policy Editor for non-Pro versions of Windows 8.1; however, the removal of GWX is doable, it just takes patience and a few permissions changes. Windows 10 killed my Wi-Fi, had to go back.

On one of my systems Windows 10 BSODs during the install process, even on a fresh install. God knows what’d be broken on that box if it actually got through the installation… on the other hand I have an ancient Core Duo Dell Latitude and Windows 10 (x86) is perfectly functional there (at least with all the spyware disabled).

I dunno, what is your question in relation to? Need some context for a better answer, but here’s some thoughts and results.

Did they call you and claim to be from MS about a virus? In that case, they aren’t trustworthy, MS will never initiate a call like that to a normal end user. Similar answer if they are claiming to be from some sorta support contacting you about your computer, if they want money or want you to install something on your computer, they are likely fake. Ask them what your IP is, and see if they are telling the truth by going to whatismyip.com on the computer. Almost guaranteed they will give you a misleading answer that doesn’t match that.

When I google them (without the LLC), I don’t see them on first page of hits, that’s another red flag. When I add the LLC, I see them pop up as a registered LLC but only from about 6 months ago. That’s iffy. If you have a job being offered, I’d hesitate unless it’s a startup that you want to risk. If they are offering franchises, that’s really shady, 6 months isn’t enough to establish oneself for that.

What Krebs has posted is confusing. For instance IE 11 is still being updated on Windows 7… if you have SP1. But that’s similar to MS support, you need to have SP1 on Win 7 to get support of the OS too.

The bad thing about Microsoft GWX (Windows 10 update), is that it does not check to see if your hardware (for me CPU) is supported. It would be nice if you could disable it and provide reason to Microsoft why it was disabled, or better yet, perform a test to see if hardware is supported or not.

You WILL update to the newest OS
You WILL conform
Resistance IS futile

If your machine has problems after the update/upgrade that another update doesn’t fix then you ARE expected to purchase a new machine with the newest OS pre-installed. Non-compliance with this mandate WILL result in complete loss of support (in any sense of the word) and a label of ‘LUDDITE’ under your profile pic.

Windows 7 x64 Ultimate – Two Office 2007 updates failed while installing all security-related updates. One was for PowerPoint, I’m afraid I’ve forgotten the other. A reboot and re-running Windows Update took care of the problem.

As far as the GWX; it’s the only thing I have found that can stop Microsoft from installing Windows 10 against my will; for now. I use an Alienware 18R2 and have dual Nvidia GTX 770Ms. Alienware and Nvidia sites are full of people with computers that have the same configuration as mine and their computers are not just crashing but being destroyed when running Windows 10. I have held out with Windows 7 so I haven’t had this problem but it has gotten so bad, Alienware has had to set up a reporting site for people to go to be able to report the destruction of their computers. Most are out of warranty so I don’t know what will happen for them but these are expensive machines and to just be destroyed like that; just isn’t right. Either Microsoft or Nvidia or combination of both must be culpable.

There are so many ways not to get Windows 10. The easiest is just keep your hard drive pretty full and there won’t be enough room for it to install. You need like 10 GB of free space for it to install. You also could just remove the GWX from the registry, hide the updates, use the GWX control panel apps, or if your computer can handle it just go to Windows 10. It is so much lighter and faster than 7. Much better security features, the file explorer is so much better, I would never go back to 7, just because of the File Explorer and all the added icons, plus the colors of 10 vs 7, and I can go on and on, I have Windows 7 PCs in my office, but my personal computers are all running 10 and I would never go back to 7, just because of the quickness and added features that I use all the time, I highly suggest you to give 10 a shot as long as your computer is not a piece of old crap. Then definitely stick on 7, my old desktop is still on Vista Enterprise because updating Enterprise is such a bitch and I won’t get the free update to 10.
But otherwise I move all the new ones to 1511 not 10240, the 1511 update makes 10 so much better.

It shocks me that Adobe still hasn’t fixed its Reader so it notifies users when there is a new version of Reader. Currently it only tells you when there is an update to the version you have (for example if you have DC and there’s a new patch to DC), but will say “No Updates Available” when a newer version of the whole reader has been released. So many, many, many people still have X not realizing XI is available, and when they have XI not realizing DC is available, and as far as they know, their reader is up to date. Brian, can you ask Adobe to address this?